Risky Biz Soap Box: Mike Wiacek on lazy mode threat hunting

Risky Biz

Player FM - Internet Radio Done Right

36 subscribers

Dodano three lat temu

Treść dostarczona przez Risky.biz and Patrick Gray. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Risky.biz and Patrick Gray lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.

All About Change

1
Jay Ruderman - How to Find Your Fight & Drive Social Change 32:17

15 dni temu32:17

Na później

Listy

Polub

Polubione

32:17

Jay is more than just the host of All About Change podcast. He is a lawyer and international activist, who has focused his life’s work on seeking social justice by advocating for the rights of people with disabilities worldwide. On the special episode of All About Change, Mijon Zulu, the managing producer of the "All About Change" podcast, is taking over hosting duties to interview Jay Ruderman about his new book, his activist journey, and why activism is even more important today. Episode Chapters (0:00) intro (02:38) How does one choose a cause to go after? (03:33) Jay’s path to activism (07:50) Practical steps a new activist can take (09:24) Confrontation vs trolling (17:36) Learning from activists operating in different sectors (19:20) Resilience in activism (22:24) Reflections on Find Your Fight and goodbye For video episodes, watch on www.youtube.com/@therudermanfamilyfoundation Stay in touch: X: @JayRuderman | @RudermanFdn LinkedIn: Jay Ruderman | Ruderman Family Foundation Instagram: All About Change Podcast | Ruderman Family Foundation To learn more about the podcast, visit https://allaboutchangepodcast.com/ Looking for more insights into the world of activism? Be sure to check out Jay’s brand new book, Find Your Fight , in which Jay teaches the next generation of activists and advocates how to step up and bring about lasting change. You can find Find Your Fight wherever you buy your books, and you can learn more about it at www.jayruderman.com .…

rok temu 31:20

MP3•Źródło odcinka

This Soap Box edition of the show is with Mike Wiacek, the CEO and Founder of Stairwell.

Stairwell is a platform that creates something similar to an NDR, but for file analysis instead of network traffic. The idea is you get a copy of every unique file in your environment to the Stairwell platform, via a file forwarding agent. You get an inventory that lists where these files exist in your environment, at what times, and from there you can start doing analysis.

If you find a dodgy file you can do all the usual malware analysis type stuff, but you can also do things like immediately find out where else that file is in your organisation, or even where else it was. From there you can identify other files that are similar – variants of those files – and search for those. And you can unpack all this very, very quickly.

This is the type of tool that EDR companies use internally to do threat hunting, but it’s just for you and your org – you can drive it. And as you’ll hear, the idea of a transparent, customisable and programmable security stack is something that’s on-trend at the moment. Mike lays out the case that doing this sort of file analysis in your organisation makes a whole lot of sense.

129 odcinków

#Tech #Tech News #Risky.biz #Patrick Gray #News

Risky Biz

Risky Biz Soap Box: Mike Wiacek on lazy mode threat hunting

Risky Biz

36 subscribers

published rok temu

Udostępnij

MP3•Źródło odcinka

This Soap Box edition of the show is with Mike Wiacek, the CEO and Founder of Stairwell.

129 odcinków

#Tech #Tech News #Risky.biz #Patrick Gray #News

Wszystkie odcinki

Risky Biz

1
Risky Business #787 -- Trump fires NSA director, CISA cuts inbound 53:01

6 dni temu53:01

53:01

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Oracle quietly cops to being hacked, but immediately pivots into pretending it didn’t matter NSA and CyberCom leaders fired for not being MAGA enough US Treasury had some dusty corners it hadn’t found China in yet, looked, found China in them …which is a great time to discuss slashing CISA’s staffing Ransomware crews and bullet proof hosting providers are getting rekt, and we love it And Microsoft patches yet another logging 0-day being used in the wild. This episode is sponsored by Yubico, makers of Yubikey hardware authentication tokens. Yubico’s Vice President of Solutions Architecture and Alliances Derek Hanson joins to discuss how the consumer-centric passkey ecosystem has become a real challenge for enterprises. One that Yubico is actually ideally positioned to solve. This episode is also available on Youtube . Show notes Oracle privately confirms Cloud breach to customers Oracle have finally issued a written notification to customers about their cybersecurity incident. Head of NSA and US Cyber Command reportedly fired | Cybersecurity Dive Trump fires numerous National Security Council staff - The Washington Post Trump administration under scrutiny as it puts major round of CISA cuts on the table | Cybersecurity Dive Hackers Spied on US Bank Regulators’ Emails for Over a Year - Bloomberg This is how Jeffrey Goldberg got added to the Signal chat Cybercriminals are trying to loot Australian pension accounts in new campaign | The Record from Recorded Future News $500,000 stolen in Australian super fund data breach | Superannuation | The Guardian Australian regulator pulls licenses of 95 companies in effort to crack down on investment scams | The Record from Recorded Future News Everest ransomware group’s darknet site offline following defacement | The Record from Recorded Future News On March 28, 2025, a threat actor leaked internal data from Medialand, a major bulletproof hosting (BPH) provider long linked to Yalishanda (LARVA-34). There's a ransomware group named DragonForce going around hacking its rivals. After Mamona and BlackLock, the group has now hacked RansomHub The DragonForce ransomware group hacked two rivals this month CISA, experts warn of Crush file transfer attacks as ransomware gang makes threats | The Record from Recorded Future News Kill Security Campaign Targets CrushFTP Servers National Vulnerability Database | NIST Microsoft patches zero-day actively exploited in string of ransomware attacks | CyberScoop Exploitation of CLFS zero-day leads to ransomware activity | Microsoft Security Blog Is The Sofistication In The Room With Us? - X-Forwarded-For and Ivanti Connect Secure (CVE-2025-22457)…

Risky Biz

1
Risky Business #786 -- Oracle is lying 55:14

13 dni temu55:14

55:14

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Yes, Oracle Health and Oracle Cloud did get hacked The fallout from Signalgate continues North Korean IT workers pivot to Europe Honeypot data suggests a storm is brewing for Palo Alto VPNs Canadian Anon gets arrested for hacking Texas GOP This week’s episode is sponsored by Trail of Bits. Tjaden Hess, a Principal Security Engineer at Trail of Bits who specialises in cryptography, joins the show this week to talk about what a responsible crypto-currency exchange cold wallet setup looks like, and … contrasts that with Bybit. This episode is also available on Youtube . Show notes Oracle Health breach compromises patient data at US hospitals FBI probes Oracle hack tied to healthcare extortion: Report - Becker's Hospital Review | Healthcare News & Analysis Oracle Still Denies Breach as Researchers Persist Hacker linked to Oracle Cloud intrusion threatens to sell stolen data | Cybersecurity Dive Publius on X: "🚨 SIGNAL SCANDAL: Katherine Maher, the leftist NPR CEO, is currently the Chair of the Board of Signal! WHAT ARE THE ODDS? https://t.co/jWNTeAt3Jz " / X Mike Waltz Is Losing Support Inside the White House - WSJ Waltz and staff used Gmail for government communications, officials say - The Washington Post Pete Hegseth, Mike Waltz, Tulsi Gabbard: Private Data and Passwords of Senior U.S. Security Officials Found Online - DER SPIEGEL Even More Venmo Accounts Tied to Trump Officials in Signal Group Chat Left Data Public | WIRED You Need to Use Signal's Nickname Feature SignalGate Is Driving the Most US Downloads of Signal Ever | WIRED Wickr - Wikipedia When Getting Phished Puts You in Mortal Danger – Krebs on Security DPRK IT Workers Expanding in Scope and Scale | Google Cloud Blog How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack Defense contractor to pay $4.6 million over third-party provider’s security weakness | The Record from Recorded Future News Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats CISA warns new malware targeting Ivanti zero-day vulnerability | Cybersecurity Dive Canadian hacker arrested for allegedly stealing data from Texas Republican Party | The Record from Recorded Future News British intel intern pleads guilty to smuggling top secret data out of protected facility | The Record from Recorded Future News…

Risky Biz

1
Soap Box: Knocknoc glues your SSO to your firewalls for Just-in-Time network access 30:46

19 dni temu30:46

30:46

In this Soap Box edition of Risky Business host Patrick Gray talks to Knocknoc CEO Adam Pointon about how to easily rein in attack surface by glueing your single sign-on service to your network controls. Do your Palo Alto and Fortinet devices really need to be discoverable by ransomware crews? Does your file transfer appliance need to be open to the whole world? What about your SSH and RDP? Your Citrix? Your (gasp) Exchange Online servers?? You can do a lot with IP allowlisting and simple Identity Aware Proxies (IAPs) to minimise your exposure. Knocknoc is a bit of a “Risky Business special”, too. Pat helped Knocknoc to raise a seed round through Decibel Partners where he’s a founder advisor. He also serves on Knocknoc’s board of directors. This episode is also available on Youtube . Show notes…

Risky Biz

1
Risky Business #785 -- Signal-gate is actually as bad as it looks 59:05

20 dni temu59:05

59:05

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Yes, the Trump admin really did just add a journo to their Yemen-attack-planning Signal group The Github actions hack is smaller than we thought, but was targeting crypto Remote code exec in Kubernetes, ouch Oracle denies its cloud got owned, but that sure does look like customer keymat Taiwanese hardware maker Clevo packs its private keys into bios update zip US Treasury un-sanctions Tornado Cash, party time in Pyongyang? This week’s episode is sponsored by runZero. Long time hackerman HD Moore joins to talk about how network vulnerability scanning has atrophied, and what he’s doing to bring it back en vogue. Do you miss early 2000s Nessus? HD knows it, he’s got you fam. This episode is also available on Youtube . Show notes The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT | WIRED Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 3/21) Critical vulnerabilities put Kubernetes environments in jeopardy | Cybersecurity Dive Researchers back claim of Oracle Cloud breach despite company’s denials | Cybersecurity Dive The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants | CloudSEK Capital One hacker Paige Thompson got too light a sentence, appeals court rules | CyberScoop US scraps sanctions on Tornado Cash, crypto ‘mixer’ accused of laundering North Korea money | Reuters Tornado Cash Delisting | U.S. Department of the Treasury Major web services go dark in Russia amid reported Cloudflare block | The Record from Recorded Future News Clevo Boot Guard Keys Leaked in Update Package Six additional countries identified as suspected Paragon spyware customers | CyberScoop The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it | The Record from Recorded Future News Malaysia PM says country rejected $10 million ransom demand after airport outages | The Record from Recorded Future News Hacker defaces NYU website, exposing admissions data on 1 million students | The Record from Recorded Future News Notre Dame uni students say outage creating enrolment, graduation, assignment mayhem - ABC News DNA of 15 Million People for Sale in 23andMe Bankruptcy…

Risky Biz

1
Risky Business #784 -- GitHub supply chain attack steals secrets from 23k projects 56:58

27 dni temu56:58

56:58

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Github Actions supply chain attack loots keys and secrets from 23k projects Why a VC fund now owns a minority stake in Risky Business Media (!?!?) China doxes Taiwanese military hackers Microsoft thinks .lnk file whitespace trick isn’t worth patching but APTs sure love it CISA delivers government efficiency by re-hiring fired staff… to put them on paid leave …and Google acquires Wiz for $32bn This week’s show is sponsored by Zero Networks, and they have sent along a happy customer to talk about their experience. Aaron Steinke is Head of Infrastructure at La Trobe Financial, an asset management firm in Australia. Aaron talks through bringing modern zero-trust goodness to the reality of a technology environment that’s been around 40 years. This episode is also available on Youtube . Show notes Risky Bulletin: GitHub supply chain attack prints everyone's secrets in build logs - Risky Business Media China says Taiwan's military is behind PoisonIvy APT China identifies Taiwanese hackers allegedly behind cyberattacks and espionage | The Record from Recorded Future News Crypto exchange OKX shuts down tool used by North Korean hackers to launder stolen funds | The Record from Recorded Future News Lazarus Group deceives developers with 6 new malicious npm packages | CyberScoop Poisoned Windows shortcuts found to be a favorite of Chinese, Russian, N. Korean state hackers | The Record from Recorded Future News 'Mora_001' ransomware gang exploiting Fortinet bug spotlighted by CISA in January | The Record from Recorded Future News Black Basta uses brute-forcing tool to attack edge devices | Cybersecurity Dive Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court | The Record from Recorded Future News CISA works to contact probationary employees for reinstatement after court order - Nextgov/FCW ‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge | WIRED The Wiretap: CISA Staff Are Cautiously Optimistic About Trump’s Pick For Director White House instructs agencies to avoid firing cybersecurity staff, email says | Reuters Signal no longer cooperating with Ukraine on Russian cyberthreats, official says | The Record from Recorded Future News Telegram CEO Pavel Durov allowed to leave France amid investigation Appellate court upholds sentence for former Uber cyber executive Joe Sullivan | The Record from Recorded Future News Google buys cloud security provider Wiz for $32 billion | The Record from Recorded Future News Pat Gray, Founder of Risky Business, Joins Decibel as Founder Advisor - Decibel…

Risky Biz

1
Risky Business #783 -- Evil webcam ransomwares entire Windows network 1:03:40

5 weeks temu1:03:40

1:03:40

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news with special guest Rob Joyce, a Former Special Assistant to the US President and Director of Cybersecurity for NSA. They talk through: A realistic bluetooth-proximity phishing attack against Passkeys A very patient ransomware actor encrypts an entire enterprise with a puny linux webcam processor The ESP32 backdoor that is neither a door nor at the back The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists Years later, LastPass hackers are still emptying crypto-wallets …and it turns out North Korea nailed {Safe}Wallet with a malicious docker image. Nice! Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline. This week’s episode is sponsored by SpecterOps, makers of the BloodHound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using BloodHound’s insight. This episode is also available on Youtube . Show notes CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers | Tobia Righi - Security Researcher Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security Camera off: Akira deploys ransomware via webcam Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT devices Alleged Co-Founder of Garantex Arrested in India – Krebs on Security 37K+ VMware ESXi instances vulnerable to critical zero-day | Cybersecurity Dive Apple patches 0-day exploited in “extremely sophisticated attack” - Ars Technica What Really Happened With the DDoS Attacks That Took Down X | WIRED Eleven11bot estimates revised downward as researchers point to Mirai variant | Cybersecurity Dive Previously unidentified botnet infects unpatched TP-Link Archer home routers | The Record from Recorded Future News Safe.eth on X: "Investigation Updates and Community Call to Action" / X How to verify Safe{Wallet} transactions on a hardware wallet | Safe{Wallet} Help Center and Support. US charges Chinese nationals in cyberattacks on Treasury, dissidents and more | The Record from Recorded Future News Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security | CyberScoop U.S. pauses intelligence sharing with Ukraine used to target Russian forces - The Washington Post…

Risky Biz

1
Risky Business #782 -- Are the USA and Russia cyber friends now? 50:12

6 weeks temu50:12

50:12

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Did the US decide to stop caring about Russian cyber, or not? Adam stans hard for North Korea’s massive ByBit crypto-theft Cellebrite firing Serbia is an example of the system working Starlink keeps scam compounds in Myanmar running Biggest DDoS botnet yet pushes over 6Tbps This week’s episode is sponsored by network visibility company Corelight. Vincent Stoffer, field CTO at Corelight joins to talk through where eyes on your network can spot attackers like Salt and Volt Typhoon. This episode is also available on Youtube . Show notes Sygnia Preliminary Bybit Investigation Report Verichains Bybit Incident Investigation Preliminary Report North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit | The Record from Recorded Future News Risky Bulletin: Trump administration stops treating Russian hackers as a threat - Risky Business Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia? (Story updated) Russia to redeploy resources freed up by end of war in Ukraine, warns Finnish intelligence | The Record from Recorded Future News FBI urges crypto community to avoid laundering funds from Bybit hack | The Record from Recorded Future News Risky Bulletin: Cellebrite bans bad boy Serbia - Risky Business Belgium probes suspected Chinese hack of state security service | The Record from Recorded Future News Gabbard: UK demand to Apple for backdoor access is 'grave concern' to US | The Record from Recorded Future News Elon Musk’s Starlink Is Keeping Modern Slavery Compounds Online | WIRED U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason” – Krebs on Security Google Password Manager finally syncs to iOS—here’s how - Ars Technica Gmail Security Alert: Google To Ditch SMS Codes For Billions Of Users Massive Iran-linked botnet launches DDoS attacks against telecom, gaming platforms | Cybersecurity Dive Microsoft-signed driver used in ransomware attacks | Cybersecurity Dive London member of ‘Com’ network convicted of making indecent images of children | The Record from Recorded Future News Volt Typhoon & Salt Typhoon Attackers Are Evading EDR: What Can You Do? | Corelight…

Risky Biz

1
Risky Business #781 -- How Bybit oopsied $1.4bn 1:02:40

7 weeks temu1:02:40

1:02:40

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: North Korea pulls off a 1.5 billion dollar crypto heist Apple pulls Advanced Data Protection from the UK Black Basta ransomware gang’s internal chats leak Russians snoop on Signal with QR codes And Myanmar ships thousands of freed scam compound workers to Thailand Regular guest Lina Lau joins to discuss her work reading Chinese incident response reports on WeChat, and how that has people thinking that … she outed the NSA? This week’s episode is sponsored by Airlock Digital, and allow-listing tragics Daniel Schell and David Cottingham are along with an amusing tale of using Windows’ own allow-listing software to block EDR from loading. This episode is also available on Youtube . Show notes Hackers drained $1.4 billion of cryptocurrency from Bybit exchange, CEO confirms | The Record from Recorded Future News CertiK - Bybit Incident Technical Analysis Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says | The Record from Recorded Future News EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war | The Record from Recorded Future News Sanctions: Iranians Flock to Crypto; Int'l Actions Target Russia - Chainalysis Apple turns off iCloud encryption feature in UK following reported government legal order | The Record from Recorded Future News Swedish authorities seek backdoor to encrypted messaging apps | The Record from Recorded Future News Leaked chat logs expose inner workings of secretive ransomware group - Ars Technica Russian state hackers spy on Ukrainian military through Signal app | The Record from Recorded Future News Meta Sues Alleged Violent Extortionist For Holding Instagram Accounts Hostage Weathering the storm: In the midst of a Typhoon Thailand to take in 7,000 rescued from illegal cyber scam hubs in Myanmar | The Record from Recorded Future News Genea confirms cyber breach after ‘unauthorised third party’ accesses data | news.com.au — Australia’s leading news site Managed healthcare defense contractor to pay $11 million over alleged cyber failings | The Record from Recorded Future News Botnet looks for quiet ways to try stolen logins in Microsoft 365 environments | The Record from Recorded Future News Director-General's Annual Threat Assessment 2025 | ASIO An inside look at NSA (Equation Group) TTPs from China’s lense…

Risky Biz

1
Wide World of Cyber: DeepSeek lobs an AI hand grenade 41:02

8 weeks temu41:02

41:02

In this episode of the Wide World of Cyber podcast Risky Business host Patrick Gray chats with SentinelOne’s Chris Krebs and Alex Stamos about AI, DeepSeek, and regulation. From its bad transport security to its Chinese ownership and the economic implications of China “entering the chat”, everyone’s freaking out over this new model. But should they be? Pat, Alex and Chris dissect the model’s significance, the politics of it all and how AI regulation in Europe, the US and China will shape the future of LLMs. This episode is also available on Youtube . Show notes…

Risky Biz

1
Risky Business #780 -- ASD torched Zservers data while admins were drunk 1:00:35

8 weeks temu1:00:35

1:00:35

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Australian spooks scrubbed Medibank data off Zservers bulletproof hosting Why device code phishing is the latest trick in confusing poor users about cloud authentication Cloudflare gets blocked in Spain, but only on weekends and because of… football? Palo Alto has yet another dumb bug Adam gushes about Qualys’ latest OpenSSH vulns Enterprise browser maker Island is this week’s sponsor and Chief Customer Officer Bradon Rogers joins the show to talk about how the adoption of AI everywhere is causing headaches. This episode is also available on Youtube . Show notes Five Russians went out drinking. When they got back, Australia had struck Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News Further cyber sanctions in response to Medibank Private cyberattack | Defence Ministers What is device code phishing, and why are Russian spies so successful at it? - Ars Technica Anyone Can Push Updates to the DOGE.gov Website Piracy Crisis: Cloudflare Says LaLiga Knew Dangers, Blocked IP Address Anyway (Update) * TorrentFreak Palo Alto Networks warns firewall vulnerability is under active exploitation | Cybersecurity Dive Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466 | Qualys Security Blog China’s Salt Typhoon hackers targeting Cisco devices used by telcos, universities | The Record from Recorded Future News RedMike Exploits Unpatched Cisco Devices in Global Telecommunications Campaign A Hacker Group Within Russia’s Notorious Sandworm Unit Is Breaching Western Networks | WIRED How Phished Data Turns into Apple & Google Wallets – Krebs on Security New hack uses prompt injection to corrupt Gemini’s long-term memory Arizona woman pleads guilty to running laptop farm for N. Korean IT workers, faces 9-year sentence | The Record from Recorded Future News US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News EXCLUSIVE: A Russia-linked Telegram network is inciting terrorism and is behind hate crimes in the UK – HOPE not hate Remembering David Jorm - fundraising for Mental Health research…

Risky Biz

1
Risky Biz Soap Box: Run your own open source IDP with Authentik 38:02

9 weeks temu38:02

38:02

In this SoapBox edition of the show Patrick Gray chats to Fletcher Heisler, the CEO of open-source identity provider Authentik. The whole idea of Authentik is you can take control of an essential IT and security function: identity. Because Authentik is open source it’s extremely flexible, and if you’re running it yourself, you get to decide where your IDP should sit in your architecture. You can run it on prem if you’re an emergency call centre or you’re operating an airgapped network, or you can spin it up in your cloud environment if you’re a typical enterprise. Fletcher talks through the reasons Authentik users are decoupling themselves from the major SaaS Identity Providers, and the flexibility that comes from being able to assemble exactly what you need. This episode is also available on Youtube . Show notes…

Risky Biz

1
Risky Business #779 -- DOGE staffer linked to The Com 58:48

9 weeks temu58:48

58:48

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Musk’s DOGE kid has a history with The Com Paragon fires Italy as a spyware customer Thailand cuts power to scam compounds… … and arrests Phobos/8Base Russian cybercrims The CyberCX DFIR report shows non-U2F MFA is well and truly over And much, much more. This week’s episode is sponsored by Dropzone.AI. They make an AI SOC analysis platform that relieves your analysts of the necessary but tedious work, so they can focus on the value of human insight. Dropzone’s founder and CEO Edward Wu joins to talk about how they approach the problem. This episode is also available on Youtube . Show notes Teen on Musk’s DOGE Team Graduated from ‘The Com’ – Krebs on Security ACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law | WIRED Lawsuit accuses Trump administration of violating federal information security law | The Record from Recorded Future News The Recruitment Effort That Helped Build Elon Musk’s DOGE Army | WIRED States prepare privacy lawsuit against DOGE over access to federal data | The Record from Recorded Future News Union groups sue Treasury over giving DOGE access to sensitive data | The Record from Recorded Future News Student group sues Education Department over reported DOGE access to financial aid databases | The Record from Recorded Future News Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts | The Record from Recorded Future News DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers - Ars Technica DeepSeek Is a Win for Chinese Hackers - Risky Business Owner of spyware used in alleged WhatsApp breach ends contract with Italy | WhatsApp | The Guardian Another person targeted by Paragon spyware comes forward | TechCrunch Apple fixes security flaw allowing third-party access to locked devices | The Record from Recorded Future News U.S. sanctions bulletproof hosting provider for supplying LockBit infrastructure | CyberScoop Thailand cuts power supply to Myanmar scam hubs | The Record from Recorded Future News 8Base ransomware site taken down as Thai authorities arrest 4 connected to operation | The Record from Recorded Future News Two Russian nationals arrested in takedown of Phobos ransomware infrastructure | The Record from Recorded Future News The Company Man: Binance exec detained in Nigeria breaks his silence | The Record from Recorded Future News Deloitte pays $5M in connection with breach of Rhode Island benefits site | Cybersecurity Dive DFIR - Threat Report 2025 | CyberCX Request a Demo | Dropzone AI…

Risky Biz

1
Risky Business #778 -- Musk's child soldiers seize control of FedGov IT systems 56:28

10 weeks temu56:28

56:28

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: DeepSeek leaves an unauthed database on the internet Russia hacked UK prime minister’s personal mail Australia sanctions a Telegram group… which is more sensible than it sounds Medical device backdoor turns out to be just poorly thought out upgrade feature Google abuses weak hashing to patch AMD CPU microcode And much, much more. This week’s episode is sponsored by email security boffins Sublime. Their co-founder and CEO Josh Kamdjou joins to talk about how attackers’ abuse of legitimate services like Docusign is a challenge for email security vendors. This episode is also available on Youtube . Show notes Exclusive: Musk aides lock workers out of OPM computer systems | Reuters Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog Криптостилер SparkCat в магазинах Google Play и App Store | Securelist Russian hackers suspected of compromising British PM’s personal email account | The Record from Recorded Future News PowerSchool hack: missed basic security step resulted in data breach Australia sanctions ‘Terrorgram’ white supremacist online group | The Record from Recorded Future News ‘Paid actors’ could be behind some antisemitic attacks, Albanese says | Australian security and counter-terrorism | The Guardian Interview with James Glenday, ABC News Breakfast | Australian Minister for Foreign Affairs WhatsApp says spyware company Paragon Solutions targeted journalists Spyware maker Paragon confirms US government is a customer | TechCrunch Former Polish justice minister arrested in sprawling spyware probe | The Record from Recorded Future News Sweden releases suspected ship, says cable break ‘clearly’ not sabotage | The Record from Recorded Future News Backdoor found in two healthcare patient monitors, linked to IP in China Attackers exploit zero-day vulnerability in Zyxel CPE devices | Cybersecurity Dive AMD: Microcode Signature Verification Vulnerability · Advisory · google/security-research · GitHub 22-year-old math wiz indicted for alleged DeFI hack that stole $65M - Ars Technica A method to assess 'forgivable' vs 'unforgivable'... - NCSC.GOV.UK Living Off the Land: Credential Phishing via Docusign abuse Living Off the Land: Callback Phishing via Docusign comment B2B freight-forwarding scams on the rise to evade financial fraud crackdowns Callback phishing via invoice abuse and distribution list relays Enhanced message groups: Improving efficiency in email incident response…

Risky Biz

1
Risky Business #777 -- It's SonicWall's turn 51:26

11 weeks temu51:26

51:26

Coming to you from the same room in Risky Business headquarters Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. They talk through: Sonicwall firewalls hand out remote code exec like candy Mastercard make a slapstick-grade mistake with their DNS The data breach at PowerSchool and other niche SaaS providers Academic research proposes taking down Europe’s power grid Apple CPUs get a new speculative execution side channel And much, much more. This week’s episode is sponsored by Push Security, who make an identity security product that runs inside browsers. Luke Jennings joins to discuss some of the pitfalls of federated authentication, like attackers using unexpected identity providers to log in to your apps. This episode is also available on Youtube . Show notes SonicWall warns hackers targeting critical vulnerability in SMA 1000 series appliances | Cybersecurity Dive MasterCard DNS Error Went Unnoticed for Years – Krebs on Security Data breach hitting PowerSchool looks very, very bad - Ars Technica OpenAI rival DeepSeek limits registration after ‘large-scale malicious attacks’ | The Record from Recorded Future News Hackers imitate Kremlin-linked group to target Russian entities | The Record from Recorded Future News UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters | The Record from Recorded Future News Questions grow over whether Baltic Sea cable damage was sabotage or accidental | The Record from Recorded Future News Researchers say new attack could take down the European power grid - Ars Technica At least $69 million stolen from crypto platform Phemex in suspected cyberattack | The Record from Recorded Future News BreachForums admin to be resentenced after appeals court slams supervised release | The Record from Recorded Future News Apple chips can be hacked to leak secrets from Gmail, iCloud, and more - Ars Technica Apple fixes zero-day flaw affecting all devices | TechCrunch I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny Government websites vanish under Trump, from the Constitution to DEI Trail of Bits: Director, Technical Marketing Push Security: Security Researcher (remote in the USA) A new class of phishing: Verification phishing and cross-IdP impersonation…

Risky Biz

1
Risky Business #776 -- Trump will flex American cyber muscles 1:03:53

12 weeks temu1:03:53

1:03:53

Risky Business returns for its 19th year! Patrick Gray and Adam Boileau discuss the week’s cybersecurity news and there is a whole bunch of it. They discuss: The incoming Trump administration guts the CSRB Biden’s last cyber Executive Order has sensible things in it China’s breach of the US Treasury gets our reluctant admiration Ross Ulbricht - the Dread Pirate Roberts of Silk Road fame - gets his Trump pardon New year, same shameful comedy Forti- and Ivanti- bugs US soldier behind the Snowflake hacks faces charges after a solid Krebs-ing And much, much (much! after a month off) more. This week’s episode is sponsored by Sandfly Security, who make a Linux EDR solution. Founder Craig Rowland joins to talk about how the Linux ecosystem struggles with its lack of standardised approaches to detection and response. If you’ve got a telco full of unix, and people are asking how much Salt Typhoon you’ve got in there… Sandfly’s tools are probably what you’re looking for. If you like your Business like us… - Risky - then we’re hiring! We’re looking for someone to help with audio and video production for our work, manage our socials, and if you’re also into the Cybers… even better. Position is remote, with a preference for timezones amenable to Australia/NZ. Drop us a line: editorial at risky.biz. This episode is also available on Youtube . Show notes POLITICO Pro | Article | Acting DHS chief ousts CSRB experts, other department advisers Treasury’s sanctions office hacked by Chinese government, officials say Strengthening America’s Resilience Against the PRC Cyber Threats | CISA AT&T, Verizon say they evicted Salt Typhoon from their networks Risky Bulletin: Looking at Biden's last cyber executive order - Risky Business Internet-connected devices can now have a label that rates their security | Reuters US sanctions prominent Chinese cyber company for role in Flax Typhoon attacks FCC ‘rip and replace’ provision for Chinese tech tops cyber provisions in defense bill CIA nominee tells Senate he, too, wants to go on cyber offense | CyberScoop Trump tells Justice Department not to enforce TikTok ban for 75 days Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices | The Record from Recorded Future News Unpacking WhatsApp’s Legal Triumph Over NSO Group | Lawfare Time to check if you ran any of these 33 malicious Chrome extensions Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware Researchers warn of active exploitation of critical Apache Struts 2 flaw DOJ deletes China-linked PlugX malware off more than 4,200 US computers Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers | The Record from Recorded Future News Ukraine restores state registers after suspected Russian cyberattack | The Record from Recorded Future News Hackers claim to breach Russian state agency managing property, land records | The Record from Recorded Future News U.S. Army Soldier Arrested in AT&T, Verizon Extortions – Krebs on Security…

Zapraszamy w Player FM

Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.

Posłuchaj 500+ tematów

36 subscribers

Podobny do Risky Biz

Blink Mini 2 (Newest Model) — Home Security & Pet Camera(s) with HD video, color night view, motion detection, two-way audio, and built-in spotlight — 1 camera (White)

Blink Video Doorbell (newest model), Two-way audio, HD video, motion and chime app alerts and Alexa enabled — wired or wire-free (Black)

Ring Indoor Cam (newest model) — Home or business security in 1080p HD video, White

Podcasty warte posłuchania

Risky Biz « » Risky Biz Soap Box: Mike Wiacek on lazy mode threat hunting

Risky Biz Soap Box: Mike Wiacek on lazy mode threat hunting

Podcasty warte posłuchania

Zapraszamy w Player FM

Podobny do Risky Biz

Skrócona instrukcja obsługi

Risky Biz « »
Risky Biz Soap Box: Mike Wiacek on lazy mode threat hunting